Tag Archives: Datacenter outsourcing

A question came up the other day regarding installing ESU licenses on a shared platform if the service provider (under a SPLA agreement) is licensed for Windows Datacenter but installed Windows STD VM. That’s pretty common and though I would address it today.

One should not be confused over what is installed v what is actually licensed. As the SPLA Provider is licensed for Windows Server Datacenter, the server should be covered with ESU Datacenter. Running a Windows Standard VM when licensed for Windows Server Datacenter does not change the license requirement.

It is also important to note that ESU is not available in SPLA, but is available through CSP, EA, and SCE agreements. The Service Provider will not be licensing ESU, but the end customer. Think of it as license mobility without the need for Software Assurance.

The year 2017 has brought on A LOT of change for the hosting community. A hosting company used to be an organization that hosted Exchange – fast forward to today and a service provider takes on a whole new meaning. In this article, we will take a look at defining a service provider and how it applies to licensing. Let’s play a little game called “Do they qualify” Have a question? Email info@splalicensing.com

An organization that provides or extends litigation software (that they leased from the publisher) to law firms and other legal entities who are not wholly owned by the organization providing the solution. Does this organization qualify for SPLA?

Yes. If you are an avid reader of splalciensing.com, you probably read my article on EMR Software The same holds true for any software (not just EMR) that runs on Microsoft technology that you do not own, but lease from a third-party. Remember “AS” If you are providing software AS a service that’s hosted from your datacenter environment, SPLA must be part of the equation. Why does this solution qualify for SPLA?

#1 they don’t own the software they are hosting

#2 they do not own the organization(s) who are consuming (using) the software for their benefit.

An organization who sells a product on a website to external users – do they qualify for SPLA?

No. Although they are selling something to consumers via the internet, the software used to deploy the solution benefits the e-commerce company, not the end-user. Where SPLA does fit is if the web company decides to host a website on behalf of another organization. The web company would fall under the SPLA rules. Who benefits from the access is a key question to ask yourself. Second question – is the access used to run their business or my own?

An organization who provides SharePoint to end users to share information. Do they qualify?

No. Simply sharing information does not qualify. If the organization was hosting SharePoint on behalf of another organization, that’s SPLA.

A company hosts Exchange on behalf of another organization but does not charge for this access. Does this qualify for SPLA?

Yes. Microsoft doesn’t care how much money you make from the solution. The question remains – are you providing this “as a service” for a third-party?

A company decides to use AWS as their datacenter provider to host an application they use internally. Do they need SPLA?

No. In this example, you are the end-user. AWS has a SPLA to cover all infrastructure products they host on your behalf. If you were to use AWS as a datacenter provider to host SharePoint to your end customers employees; you would pay AWS for Windows and SQL and report on your SPLA SharePoint SAL licenses.

I have 25 Linux machines that I host for my customers. Do I need SPLA?

No. You have 25 Linux machines. If you had 24 Linux machines and 1 Windows VM, you would have to license the host machine to cover that Windows VM through SPLA.

My reseller told me I didn’t need SPLA because the access qualifies for Self-Hosted. The auditors told me it does not qualify. Why?

All software used to deploy the solution has to be self-hosted eligible. I bet you are running an application that does not qualify as part of your solution. This would be SPLA. Secondly, if you did not buy the software with software assurance, that is out of compliant.

We created The Cloud Insider Times as a way to provide valuable content to the splalicensing.com reader. Each week our team will search the web for relevant information as it relates to SPLA and other cloud related technologies and solutions. Have a question or hot topic or would like to be added to “The Cloud Insider Times” Contact me at info@splalicensing.com

The healthcare community has increased concerns with the way they have deployed (and licensed) their electronic medical record (EMR) software such as Epic Community Connect and others. As a reader of this blog, you know that when you deploy software for the benefit of a third party (non employee) SPLA must be part of the conversation. The only exception to this rule is if you actually own the code to the software you are hosting. In other words, if you developed the software, you can use your own volume licenses to host your software. If you host a third party software (such as Epic) you must license this in SPLA. In most cases, many healthcare companies do not own the application, but lease it from the EMR vendor.

Rewind a few years and let’s pretend you are a large hospital who partnered with Epic to provide best in class patient record management for your clients, doctors, and other clinics. Your Epic deployment resides on a Windows Server, SQL Server, and RDS. As the IT director, you purchased several server licenses and hundreds of Client Access Licenses (CAL) to cover all the external users. You think you are covered; no one mentions you need to license this via SPLA. Your reseller didn’t tell you, Microsoft didn’t tell you, and for that matter the vendor didn’t tell you. You think all is well based off the information you received. Fast forward 3 years and your volume licensing agreement is up for renewal. Someone on the licensing side informs you that you shouldn’t true-up licenses or renew your agreement under volume licensing, you need to license SPLA. You think that’s fine, if you must license under a different program who are you to argue. But what about all those license you already purchased and own? Unfortunately, you cannot return them, you must allocate those internally. You think to yourself that’s fine, except for one minor detail…. you purchased hundreds of CALs and you do not have hundreds of employees; those license you own are essentially worthless. On top of everything else, you just received an audit notification.

Why would they receive an audit notification? Once a vendor recognizes you have been under-licensed, the vendor might want to dig in deeper to see how long you have been out of compliant and if you purchased enough licenses to cover all the users. In 90% of all audits, the customer is under-licensed. Now you own licenses you don’t need, but should’ve purchased more because you don’t own enough licenses to cover all external users initially. The vendor will want you to pay the delta of what you should’ve paid under SPLA and what you purchased under volume licensing (plus an audit fee).

If you are a healthcare provider and have been notified by Microsoft or any other vendor, please contact us. We have found that in many cases the licenses report is not always 100% accurate.

Fail-over server rights do not apply in the case of software moved to shared third party servers under License Mobility through Software Assurance.

Example

Let’s say an end customer purchased a license with software assurance that qualifies for license mobility. Since SA allows failover rights, most service providers (if not all) are under the impression they would get the same benefit in their datacenter as they would on premise. In this example, the end customer transfers a SQL license over to the hoster, the hoster spins up a secondary SQL fail-over server. Given the statement above from the PUR, If they are enabling SQL fail-over they would need a second license under SPLA.

Why is this important?

For starters, compliance. If that secondary server is not properly licensed or your under the assumption that if it exists on premise it must also exist in the cloud you are mistaken.

What about Cold DR?

Doesn’t exist anymore.

What about SQL Failover for SPLA specifically?

SQL SPLA licenses have fail-over rights. Read the SPUR

What about other products for disaster recovery?

The SPUR has specific language around DR, how long the server can be active (non-production), when Windows would need to be reported, etc.

Any workarounds?

SAL for SA – I think this would fit well for DR. Customer can still run the software on premise and spin up a second server in the cloud.

Normal SALs- 1 user SAL license can access multiple servers. Could be another option if the customer is against license mobility.

In the words of a famous hoster “it’s not how you license…it’s how long can you get away with not licensing that really matters” He was audited immediately following that statement.

In this post I will highlight new (and not so new) compliance gotchas as it pertains to providing infrastructure as a service.

Let’s start with a common example and go from there. You provide the infrastructure such as Windows/SQL, your customer provides the applications. Sound familiar? You license Windows Datacenter, SQL Enterprise in a shared (aka public cloud) environment under SPLA. You have no idea or really care what applications your customer’s are installing right? You just provide the support of the infrastructure. That’s not your concern. It’s their application, why should you care? Ahhh…but maybe you should.

Have you ever wondered how they’re accessing the applications? Are all applications web-based? I will answer that question for you…no. So how are they accessing the applications? Do they use Citrix? Do they remote into the application somehow? There’s that word…remote.

If you enable the Remote Desktop Services role within Windows Server – you guessed it…you need to report RDS licenses. The number of IaaS providers who just report Windows and SQL is astronomical. The number of IaaS providers now reporting RDS is also rapidly growing. Did they wake up one day and decide they should start reporting RDS? Unfortunately no. They were audited. Shoot me over an email and I will forward the guide that explains RDS and when it applies. Remember when you license RDS, you need to license each user that HAS access to RDS – not who does access.

Let me provide an example of how easily you could be underreporting RDS. Let’s say your customer has an application from another vendor (outside Microsoft) that’s hosted in your datacenter. That same vendor provides support to the application. You are not hosting the application for the vendor but for your customer, you just provide the vendor access to support the application via remote connection. SPLA allows 20 users to provide support and administration per datacenter. If you exceed that limit, you are going to have to report those additional users. Yes, even if you are not charging them.

Other IaaS Gotchas –

While we’re on the topic of customer owned applications, do you have it written in your agreement with the customer that you are not responsible for the applications they install? What would happen if they install applications that you are not aware of and they don’t have the appropriate licenses…who’s responsible you or the end customer? Kind of a trick question, it’s both. You will get audited, it’s installed in your datacenter, you are ultimately responsible. You need to ensure you have it written in your agreement that you’re not responsible so you can have a nice chat with your customer. All the big boys do it…you should too.

What about SQL? Are you virtualizing? Why aren’t you reporting SQL Enterprise? Are you utilizing all the use rights that come with SQL Enterprise – unlimited virtualization, DR, mobility within server farms, etc? What about smaller environments? Have you considered licensing by user instead of by core for SQL Standard edition?

SQL Web is tempting isn’t it? Less expensive option but no one really understands what it is. Here’s a quick synopsis – if you do not host public facing websites, SQL Web is not an option.

How are you managing your datacenter? Do you have System Center installed? You should report the Core Infrastructure Suite. Running Hyper V with few VM’s, license CPS. Both products include Windows. You need Windows to run System Center, so you kill two birds with one stone so to speak.

Ask your customers if they have Software Assurance. It’s no longer about latest version rights and annual payments. It’s about moving to the cloud. Let’s make sure it’s your cloud and not someone else’s.

Conclusion –

I’ve been around this game of SPLA for a long time. The best advice I can give is to listen to your customers and don’t be afraid to change. Cloud is evolving, you should evolve too. Don’t report out of convenience, look into ways you can optimize what you are reporting. It’s competitive out there, let’s make sure you are getting the most value out of your agreement.

I’ve written before on how partnering with an established provider can save you money, especially as a short term solution to get your hosting business started. What I haven’t really addressed is the licensing.

Data Center Outsourcing is essentially what the name applies. “Data Center” and “Outsourcing”; you outsource your data center. Amazing how that works. Microsoft definition is a bit more confusing – amazing how that works too. From the outsourcing guide:

“A Data Center Provider is a Service Provider that provides Software Services, usually IaaS, to another Service Provider using Products licensed from Microsoft through its own SPLA..”

Microsoft Azure is a good example of a data center outsourcing company. When you sign up for Azure, Windows will be included in the service. They are essentially providing the infrastructure (Windows and/or SQL cores) and you provide the application licenses via your own SPLA. When you leverage another service provider who provides the infrastructure, they must be providing the Windows licenses. Hmmm…here’s why.

Let’s say you have a signed SPLA agreement to offer Exchange to your clients and you decide to use Brett’s Hosting to provide the infrastructure. Brett’s Hosting offers a public cloud environment (multiple customers sharing same resources). Under this model, you will report Exchange licenses for each user that HAS access to the software and NOT report Windows under your own SPLA; Brett’s Hosting would report Windows via their own SPLA. Why? If it is a shared environment, there is no way Brett’s Hosting can allocate processors for you to report it. SQL cores works the same way. Still don’t believe me? Check out the FAQ guide from Azure here. Notice under SQL it states you can purchase a VM or use SAL licenses. Notice under Windows it states Windows is included with your agreement.

Here’s the bottom line, if you decide to outsource your data center to a public cloud provider, ask them how they manage the Windows OS. If they say it is not included in the cost of the service and you should be providing the licenses, they are out of compliant.

That being said, if you provide data center outsourcing services, I think you are in the right business. This is the fastest growing area within the hosting industry. Windows is relatively inexpensive from a licensing perspective, especially as you add more VM’s and can capitalize on the Data Center edition. (remember…unlimited VM’s). SQL can get a bit more complex, but if you understand it I think that could be an added value over your competition. Last, because you report Windows and SQL only and let the service provider control the user based licensing; it limits your compliance exposure. (processors/cores are easier to track).

So are you a data center outsource or a service provider? Do you work with someone to resell your solution or do it alone? Would love to learn more about your offerings. If you need guidance or best practices or just want a second opinion from a licensing perspective you can email me at blaforge@splalicensing.com.